I think you guys are talking about the Dabber worm. http://vil.nai.com/vil/content/v_125300.htm
Exibar ----- Original Message ----- From: "Maxime Ducharme" <[EMAIL PROTECTED]> To: "Roberto Navarro - TusProfesionales.es" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Friday, May 14, 2004 10:01 AM Subject: Re: [Full-Disclosure] Worm of the worm? Hi K-OTik published an exploit for sasser's ftpd : http://www.k-otik.com/exploits/05102004.sasserftpd.c.php Maybe you are seeing manual scans or a brand new worm. Have a nice day Maxime Ducharme Programmeur / Spécialiste en sécurité réseau ----- Original Message ----- From: "Roberto Navarro - TusProfesionales.es" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, May 14, 2004 8:26 AM Subject: [Full-Disclosure] Worm of the worm? > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I have detected some scans lookin' for the 5554 port (sasser's ftpd). > > Does somebody know anything about a new worm, exploiting its > vulnerabilty? > > > Roberto a.k.a. Logan > > > There are no answers, only cross refernces. > -- Weiner's Law of Libraries > > - --------------------------------------- > Roberto Navarro > [EMAIL PROTECTED] > Registered Linux User #212565 > - --------------------------------------- > > -----BEGIN PGP SIGNATURE----- > Version: PGP 8.0.2 > > iQA/AwUBQKS63MhDftHeZF7JEQLl/ACfU2fksblzy3zYh4yelCH2GxATsqcAoM+F > S/UxvCt8U0dgVqP3E+TeunS2 > =sEU4 > -----END PGP SIGNATURE----- > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
